In modern operating systems of the Microsoft® Windows® family, data from input devices (such as a joystick, game controller, keyboard, mouse, tablet, touch screen, touch pad, track ball and so on) is transmitted to the operating system, which then transmits it to the applications without any sort of preliminary processing to enhance the security (such as the use of encryption, security policies, and so on). As a result, it is possible to obtain unauthorized access to the information being entered by the user through one of the following techniques:                using WinAPI event listeners from the input devices;        using the actual drivers of the input devices installed in the system.        
The aforementioned technologies are used by malicious programs, such as so-called keyboard loggers (Trojan keyloggers). Once introduced into the operating system, they track the user's input in real time in order to steal the user's confidential data, such as logins, passwords, account numbers and so on.
The problem of the security of user input is partly solved by antivirus programs, which introduce into the operating system their own driver filter, which single-handedly receives data directly from the device driver and transmits it to the necessary application bypassing the operating system. In this way, the user's input is protected by the antivirus programs against unauthorized access to the information being transmitted.
The drawback to this operating scheme is that it makes it hard to correctly enter texts in non-English language, such as East Asian languages, handwritten text or voice input. One such example is the composing of a text using Chinese characters. Since the characters cannot be entered directly from the keyboard, the Microsoft® Windows® operating system provides a number of possibilities for writing characters by composing a certain sequence of symbols related to the character and then selecting the appropriate character from the list.
When using the above-described data protection technology, if one attempts to enter a Chinese character in the entry field only the set of symbols will be shown from which the operating system would have attempted to form the character, but since the data entry was done bypassing the operating system this did not occur.
Another way of partially solving the problem of user input security is implemented in the Microsoft® Windows® operating systems starting with Microsoft® Windows® 2000 with the introduction of Text Services Framework (TSF)—a framework enabling entry of text independent of language and input device. When using TSF, applications can receive the text being entered without knowing the details of implementation of the input device (for example, by means of speech recognition or handwritten entry). The TSF technology provides data transfer security from the TSF manager to the application using TSF.
This operating scheme ensures a secure transfer of data from the TSF manager to the application, e.g., a malicious program cannot gain access thereto (due to the operating features of the TSF). However, the transfer of data from the input device to the TSF manager may be vulnerable to unauthorized access.
Accordingly, while some conventional approaches solve certain problems in the area of protection of data obtained from input devices, they have a number of drawbacks, e.g., the inability to process nonstandard data (such as the entry of Asian characters) with a reliable data transmission channel or the unreliability of the data transmission channel with full support of entry of nonstandard data.